Security notes¶
In total, in the MOSK 23.2.3 release, 331 Common Vulnerabilities and Exposures (CVE) have been fixed: 39 of critical and 292 of high severity.
The full list of the CVEs present in the current MOSK release is available at the Mirantis Security Portal.
Severity |
Critical |
High |
Total |
|---|---|---|---|
Unique CVEs |
1 |
18 |
19 |
Total issues across images |
39 |
292 |
331 |
Image |
Component name |
CVE |
|---|---|---|
core/external/nginx |
libwebp |
CVE-2023-4863 (High) |
core/frontend |
libwebp |
CVE-2023-4863 (High) |
general/memcached |
busybox |
CVE-2022-48174 (Critical) |
busybox-binsh |
CVE-2022-48174 (Critical) |
|
ssl_client |
CVE-2022-48174 (Critical) |
|
lcm/kubernetes/openstack-cloud-controller-manager-amd64 |
busybox |
CVE-2022-48174 (Critical) |
busybox-binsh |
CVE-2022-48174 (Critical) |
|
ssl_client |
CVE-2022-48174 (Critical) |
|
lcm/registry |
busybox |
CVE-2022-48174 (Critical) |
busybox-binsh |
CVE-2022-48174 (Critical) |
|
ssl_client |
CVE-2022-48174 (Critical) |
|
openstack/extra/cloudprober |
busybox |
CVE-2022-48174 (Critical) |
busybox-binsh |
CVE-2022-48174 (Critical) |
|
ssl_client |
CVE-2022-48174 (Critical) |
|
openstack/extra/etcd |
busybox |
CVE-2022-48174 (Critical) |
busybox-binsh |
CVE-2022-48174 (Critical) |
|
ssl_client |
CVE-2022-48174 (Critical) |
|
openstack/extra/nginx-ingress-controller |
busybox |
CVE-2022-48174 (Critical) |
busybox-binsh |
CVE-2022-48174 (Critical) |
|
ssl_client |
CVE-2022-48174 (Critical) |
|
openstack/extra/redis |
busybox |
CVE-2022-48174 (Critical) |
busybox-binsh |
CVE-2022-48174 (Critical) |
|
ssl_client |
CVE-2022-48174 (Critical) |
|
openstack/horizon |
Django |
CVE-2023-41164 (High) |
scale/curl-jq |
busybox |
CVE-2022-48174 (Critical) |
busybox-binsh |
CVE-2022-48174 (Critical) |
|
ssl_client |
CVE-2022-48174 (Critical) |
|
stacklight/alertmanager-webhook-servicenow |
busybox |
CVE-2022-48174 (Critical) |
busybox-binsh |
CVE-2022-48174 (Critical) |
|
ssl_client |
CVE-2022-48174 (Critical) |
|
stacklight/grafana-image-renderer |
libwebp |
CVE-2023-4863 (High) |
stacklight/ironic-prometheus-exporter |
busybox |
CVE-2022-48174 (Critical) |
busybox-binsh |
CVE-2022-48174 (Critical) |
|
ssl_client |
CVE-2022-48174 (Critical) |
|
stacklight/sf-reporter |
busybox |
CVE-2022-48174 (Critical) |
busybox-binsh |
CVE-2022-48174 (Critical) |
|
ssl_client |
CVE-2022-48174 (Critical) |
|
stacklight/tungstenfabric-prometheus-exporter |
busybox |
CVE-2022-48174 (Critical) |
busybox-binsh |
CVE-2022-48174 (Critical) |
|
ssl_client |
CVE-2022-48174 (Critical) |
|
tungsten/contrail-analytics-alarm-gen |
kernel-headers |
CVE-2022-1012 (High) |
CVE-2023-2163 (High) |
||
CVE-2022-42896 (High) |
||
CVE-2023-3611 (High) |
||
CVE-2023-35001 (High) |
||
CVE-2023-3609 (High) |
||
CVE-2020-8834 (High) |
||
CVE-2021-3715 (High) |
||
CVE-2023-4128 (High) |
||
CVE-2023-32233 (High) |
||
CVE-2022-2639 (High) |
||
CVE-2023-1829 (High) |
||
CVE-2023-3776 (High) |
||
CVE-2018-20976 (High) |
||
CVE-2023-1281 (High) |
||
CVE-2023-35788 (High) |
||
tungsten/contrail-analytics-api |
kernel-headers |
CVE-2022-1012 (High) |
CVE-2023-2163 (High) |
||
CVE-2022-42896 (High) |
||
CVE-2023-3611 (High) |
||
CVE-2023-35001 (High) |
||
CVE-2023-3609 (High) |
||
CVE-2020-8834 (High) |
||
CVE-2021-3715 (High) |
||
CVE-2023-4128 (High) |
||
CVE-2023-32233 (High) |
||
CVE-2022-2639 (High) |
||
CVE-2023-1829 (High) |
||
CVE-2023-3776 (High) |
||
CVE-2018-20976 (High) |
||
CVE-2023-1281 (High) |
||
CVE-2023-35788 (High) |
||
tungsten/contrail-analytics-collector |
kernel-headers |
CVE-2023-35788 (High) |
CVE-2022-1012 (High) |
||
CVE-2023-2163 (High) |
||
CVE-2022-42896 (High) |
||
CVE-2023-3611 (High) |
||
CVE-2023-35001 (High) |
||
CVE-2023-3609 (High) |
||
CVE-2020-8834 (High) |
||
CVE-2021-3715 (High) |
||
CVE-2023-4128 (High) |
||
CVE-2023-32233 (High) |
||
CVE-2022-2639 (High) |
||
CVE-2023-1829 (High) |
||
CVE-2023-3776 (High) |
||
CVE-2018-20976 (High) |
||
CVE-2023-1281 (High) |
||
tungsten/contrail-analytics-query-engine |
kernel-headers |
CVE-2023-35788 (High) |
CVE-2022-1012 (High) |
||
CVE-2023-2163 (High) |
||
CVE-2022-42896 (High) |
||
CVE-2023-3611 (High) |
||
CVE-2023-35001 (High) |
||
CVE-2023-3609 (High) |
||
CVE-2020-8834 (High) |
||
CVE-2021-3715 (High) |
||
CVE-2023-4128 (High) |
||
CVE-2023-32233 (High) |
||
CVE-2022-2639 (High) |
||
CVE-2023-1829 (High) |
||
CVE-2023-3776 (High) |
||
CVE-2018-20976 (High) |
||
CVE-2023-1281 (High) |
||
tungsten/contrail-analytics-snmp-collector |
kernel-headers |
CVE-2022-1012 (High) |
CVE-2023-2163 (High) |
||
CVE-2022-42896 (High) |
||
CVE-2023-3611 (High) |
||
CVE-2023-35001 (High) |
||
CVE-2023-3609 (High) |
||
CVE-2020-8834 (High) |
||
CVE-2021-3715 (High) |
||
CVE-2023-4128 (High) |
||
CVE-2023-32233 (High) |
||
CVE-2022-2639 (High) |
||
CVE-2023-1829 (High) |
||
CVE-2023-3776 (High) |
||
CVE-2018-20976 (High) |
||
CVE-2023-1281 (High) |
||
CVE-2023-35788 (High) |
||
tungsten/contrail-analytics-snmp-topology |
kernel-headers |
CVE-2022-1012 (High) |
CVE-2023-2163 (High) |
||
CVE-2022-42896 (High) |
||
CVE-2023-3611 (High) |
||
CVE-2023-35001 (High) |
||
CVE-2023-3609 (High) |
||
CVE-2020-8834 (High) |
||
CVE-2021-3715 (High) |
||
CVE-2023-4128 (High) |
||
CVE-2023-32233 (High) |
||
CVE-2022-2639 (High) |
||
CVE-2023-1829 (High) |
||
CVE-2023-3776 (High) |
||
CVE-2018-20976 (High) |
||
CVE-2023-1281 (High) |
||
CVE-2023-35788 (High) |
||
tungsten/contrail-controller-config-api |
kernel-headers |
CVE-2022-1012 (High) |
CVE-2023-2163 (High) |
||
CVE-2022-42896 (High) |
||
CVE-2023-3611 (High) |
||
CVE-2023-35001 (High) |
||
CVE-2023-3609 (High) |
||
CVE-2020-8834 (High) |
||
CVE-2021-3715 (High) |
||
CVE-2023-4128 (High) |
||
CVE-2023-32233 (High) |
||
CVE-2022-2639 (High) |
||
CVE-2023-1829 (High) |
||
CVE-2023-3776 (High) |
||
CVE-2018-20976 (High) |
||
CVE-2023-1281 (High) |
||
CVE-2023-35788 (High) |
||
tungsten/contrail-controller-config-devicemgr |
kernel-headers |
CVE-2022-1012 (High) |
CVE-2023-2163 (High) |
||
CVE-2022-42896 (High) |
||
CVE-2023-3611 (High) |
||
CVE-2023-35001 (High) |
||
CVE-2023-3609 (High) |
||
CVE-2020-8834 (High) |
||
CVE-2021-3715 (High) |
||
CVE-2023-4128 (High) |
||
CVE-2023-32233 (High) |
||
CVE-2022-2639 (High) |
||
CVE-2023-1829 (High) |
||
CVE-2023-3776 (High) |
||
CVE-2018-20976 (High) |
||
CVE-2023-1281 (High) |
||
CVE-2023-35788 (High) |
||
tungsten/contrail-controller-config-schema |
kernel-headers |
CVE-2023-35788 (High) |
CVE-2022-1012 (High) |
||
CVE-2023-2163 (High) |
||
CVE-2022-42896 (High) |
||
CVE-2023-3611 (High) |
||
CVE-2023-35001 (High) |
||
CVE-2023-3609 (High) |
||
CVE-2020-8834 (High) |
||
CVE-2021-3715 (High) |
||
CVE-2023-4128 (High) |
||
CVE-2023-32233 (High) |
||
CVE-2022-2639 (High) |
||
CVE-2023-1829 (High) |
||
CVE-2023-3776 (High) |
||
CVE-2018-20976 (High) |
||
CVE-2023-1281 (High) |
||
tungsten/contrail-controller-config-svcmonitor |
kernel-headers |
CVE-2023-35788 (High) |
CVE-2022-1012 (High) |
||
CVE-2023-2163 (High) |
||
CVE-2022-42896 (High) |
||
CVE-2023-3611 (High) |
||
CVE-2023-35001 (High) |
||
CVE-2023-3609 (High) |
||
CVE-2020-8834 (High) |
||
CVE-2021-3715 (High) |
||
CVE-2023-4128 (High) |
||
CVE-2023-32233 (High) |
||
CVE-2022-2639 (High) |
||
CVE-2023-1829 (High) |
||
CVE-2023-3776 (High) |
||
CVE-2018-20976 (High) |
||
CVE-2023-1281 (High) |
||
tungsten/contrail-controller-control-control |
kernel-headers |
CVE-2022-1012 (High) |
CVE-2023-2163 (High) |
||
CVE-2022-42896 (High) |
||
CVE-2023-3611 (High) |
||
CVE-2023-35001 (High) |
||
CVE-2023-3609 (High) |
||
CVE-2020-8834 (High) |
||
CVE-2021-3715 (High) |
||
CVE-2023-4128 (High) |
||
CVE-2023-32233 (High) |
||
CVE-2022-2639 (High) |
||
CVE-2023-1829 (High) |
||
CVE-2023-3776 (High) |
||
CVE-2018-20976 (High) |
||
CVE-2023-1281 (High) |
||
CVE-2023-35788 (High) |
||
tungsten/contrail-controller-control-dns |
kernel-headers |
CVE-2023-35788 (High) |
CVE-2022-1012 (High) |
||
CVE-2023-2163 (High) |
||
CVE-2022-42896 (High) |
||
CVE-2023-3611 (High) |
||
CVE-2023-35001 (High) |
||
CVE-2023-3609 (High) |
||
CVE-2020-8834 (High) |
||
CVE-2021-3715 (High) |
||
CVE-2023-4128 (High) |
||
CVE-2023-32233 (High) |
||
CVE-2022-2639 (High) |
||
CVE-2023-1829 (High) |
||
CVE-2023-3776 (High) |
||
CVE-2018-20976 (High) |
||
CVE-2023-1281 (High) |
||
tungsten/contrail-controller-control-named |
kernel-headers |
CVE-2023-35788 (High) |
CVE-2022-1012 (High) |
||
CVE-2023-2163 (High) |
||
CVE-2022-42896 (High) |
||
CVE-2023-3611 (High) |
||
CVE-2023-35001 (High) |
||
CVE-2023-3609 (High) |
||
CVE-2020-8834 (High) |
||
CVE-2021-3715 (High) |
||
CVE-2023-4128 (High) |
||
CVE-2023-32233 (High) |
||
CVE-2022-2639 (High) |
||
CVE-2023-1829 (High) |
||
CVE-2023-3776 (High) |
||
CVE-2018-20976 (High) |
||
CVE-2023-1281 (High) |
||
tungsten/contrail-controller-webui-job |
kernel-headers |
CVE-2023-35788 (High) |
CVE-2022-1012 (High) |
||
CVE-2023-2163 (High) |
||
CVE-2022-42896 (High) |
||
CVE-2023-3611 (High) |
||
CVE-2023-35001 (High) |
||
CVE-2023-3609 (High) |
||
CVE-2020-8834 (High) |
||
CVE-2021-3715 (High) |
||
CVE-2023-4128 (High) |
||
CVE-2023-32233 (High) |
||
CVE-2022-2639 (High) |
||
CVE-2023-1829 (High) |
||
CVE-2023-3776 (High) |
||
CVE-2018-20976 (High) |
||
CVE-2023-1281 (High) |
||
tungsten/contrail-controller-webui-web |
kernel-headers |
CVE-2022-1012 (High) |
CVE-2023-2163 (High) |
||
CVE-2022-42896 (High) |
||
CVE-2023-3611 (High) |
||
CVE-2023-35001 (High) |
||
CVE-2023-3609 (High) |
||
CVE-2020-8834 (High) |
||
CVE-2021-3715 (High) |
||
CVE-2023-4128 (High) |
||
CVE-2023-32233 (High) |
||
CVE-2022-2639 (High) |
||
CVE-2023-1829 (High) |
||
CVE-2023-3776 (High) |
||
CVE-2018-20976 (High) |
||
CVE-2023-1281 (High) |
||
CVE-2023-35788 (High) |
||
tungsten/contrail-nodemgr |
kernel-headers |
CVE-2023-35788 (High) |
CVE-2022-1012 (High) |
||
CVE-2023-2163 (High) |
||
CVE-2022-42896 (High) |
||
CVE-2023-3611 (High) |
||
CVE-2023-35001 (High) |
||
CVE-2023-3609 (High) |
||
CVE-2020-8834 (High) |
||
CVE-2021-3715 (High) |
||
CVE-2023-4128 (High) |
||
CVE-2023-32233 (High) |
||
CVE-2022-2639 (High) |
||
CVE-2023-1829 (High) |
||
CVE-2023-3776 (High) |
||
CVE-2018-20976 (High) |
||
CVE-2023-1281 (High) |
||
tungsten/contrail-provisioner |
kernel-headers |
CVE-2022-1012 (High) |
CVE-2023-2163 (High) |
||
CVE-2022-42896 (High) |
||
CVE-2023-3611 (High) |
||
CVE-2023-35001 (High) |
||
CVE-2023-3609 (High) |
||
CVE-2020-8834 (High) |
||
CVE-2021-3715 (High) |
||
CVE-2023-4128 (High) |
||
CVE-2023-32233 (High) |
||
CVE-2022-2639 (High) |
||
CVE-2023-1829 (High) |
||
CVE-2023-3776 (High) |
||
CVE-2018-20976 (High) |
||
CVE-2023-1281 (High) |
||
CVE-2023-35788 (High) |
||
tungsten/contrail-tools |
kernel-headers |
CVE-2023-35788 (High) |
CVE-2022-1012 (High) |
||
CVE-2023-2163 (High) |
||
CVE-2022-42896 (High) |
||
CVE-2023-3611 (High) |
||
CVE-2023-35001 (High) |
||
CVE-2023-3609 (High) |
||
CVE-2020-8834 (High) |
||
CVE-2021-3715 (High) |
||
CVE-2023-4128 (High) |
||
CVE-2023-32233 (High) |
||
CVE-2022-2639 (High) |
||
CVE-2023-1829 (High) |
||
CVE-2023-3776 (High) |
||
CVE-2018-20976 (High) |
||
CVE-2023-1281 (High) |
||
tungsten/redis |
busybox |
CVE-2022-48174 (Critical) |
busybox-binsh |
CVE-2022-48174 (Critical) |
|
ssl_client |
CVE-2022-48174 (Critical) |